package com.kkb.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

/**
 * Created by on 2019/5/10.
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter{

    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
                .passwordEncoder(new BCryptPasswordEncoder())
                .withUser("admin").password(new BCryptPasswordEncoder().encode("123456")).authorities("read");
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
       http.authorizeRequests()
           .antMatchers("/css/**","/login.html","/login-error.html","/401.html","/js/**").permitAll()
           .anyRequest()
           .authenticated()
           .and()
           .formLogin().loginPage("/login.html")
           .failureUrl("/login-error.html")
           .loginProcessingUrl("/user/login")
           .defaultSuccessUrl("/index.html",true)
           .and()
           .exceptionHandling().accessDeniedPage("/401.html")
           .and()
           .csrf().disable();
       http.logout().logoutSuccessUrl("/");
    }
}
